syzkaller login: [ 103.891786][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 103.929455][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 103.967294][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 103.974448][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:54950' (ECDSA) to the list of known hosts. 1970/01/01 00:02:21 fuzzer started 1970/01/01 00:02:25 connecting to host at localhost:40969 1970/01/01 00:02:26 checking machine... 1970/01/01 00:02:26 checking revisions... 1970/01/01 00:02:28 testing simple program... [ 149.373710][ T2218] cgroup: Unknown subsys name 'net' executing program [ 149.925114][ T2218] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 156.522146][ T2221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 156.545361][ T2221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 159.302401][ T2221] device hsr_slave_0 entered promiscuous mode [ 159.363834][ T2221] device hsr_slave_1 entered promiscuous mode [ 161.321645][ T2221] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 161.412768][ T2221] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 161.502246][ T2221] netdevsim netdevsim0 netdevsim2: renamed from eth2 executing program [ 161.589961][ T2221] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 163.730048][ T2221] 8021q: adding VLAN 0 to HW filter on device bond0 [ 163.820953][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.841971][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready executing program [ 165.143593][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 165.160184][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 165.239344][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 165.243782][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 165.325260][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.391663][ T2538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 165.545624][ T94] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 165.553157][ T94] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 165.633613][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 165.643385][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 165.720878][ T2221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 166.770840][ T2538] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 166.772178][ T2538] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 169.655909][ T2538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 169.665254][ T2538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program [ 171.124438][ T2538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 171.144197][ T2538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 171.161945][ T2538] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 171.177181][ T2538] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 171.224552][ T2221] device veth0_vlan entered promiscuous mode [ 171.342884][ T2221] device veth1_vlan entered promiscuous mode [ 171.647999][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 171.655418][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 171.711953][ T2221] device veth0_macvtap entered promiscuous mode [ 171.770699][ T2221] device veth1_macvtap entered promiscuous mode [ 172.003926][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 172.020969][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 172.039861][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 172.048014][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 172.153989][ T94] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 172.172420][ T94] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 172.224626][ T2221] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.249944][ T2221] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.250787][ T2221] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.251422][ T2221] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.607354][ C1] ------------[ cut here ]------------ [ 172.609477][ C1] WARNING: CPU: 1 PID: 39 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 172.610140][ C1] Modules linked in: [ 172.610772][ C1] CPU: 1 PID: 39 Comm: kworker/u4:2 Tainted: G W 6.0.0-syzkaller-10712-g27bc50fc9064 #0 [ 172.611213][ C1] Hardware name: linux,dummy-virt (DT) [ 172.611799][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 172.612345][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 172.613279][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 172.614249][ C1] lr : wg_packet_receive+0x978/0x1560 [ 172.614976][ C1] sp : ffff800010aa7480 [ 172.616333][ C1] x29: ffff800010aa7480 x28: 0000000000000001 x27: 1fffe00001d50219 [ 172.619123][ C1] x26: 0000000000000000 x25: ffff80000de4c000 x24: 0000000000000000 [ 172.620113][ C1] x23: 0000000000000003 x22: ffff80000de4cb68 x21: 0000000000000001 [ 172.620811][ C1] x20: ffff00000ea810c8 x19: ffff80000de4cd50 x18: 0000000034e06038 [ 172.621378][ C1] x17: ffff80005cbf4000 x16: ffff800010aa8000 x15: ffff000013cf27a8 [ 172.622036][ C1] x14: 1ffff00002154e68 x13: 0000000000000000 x12: ffff600001d50291 [ 172.622615][ C1] x11: 1fffe00001d50290 x10: ffff600001d50290 x9 : dfff800000000000 [ 172.623183][ C1] x8 : ffff00000ea81483 x7 : 00009ffffe2afd70 x6 : 0000000000000001 [ 172.623771][ C1] x5 : ffff00000ea81480 x4 : ffff700001bc99aa x3 : dfff800000000000 [ 172.625740][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 172.628981][ C1] Call trace: [ 172.629997][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 172.630390][ C1] wg_packet_receive+0x978/0x1560 [ 172.630738][ C1] wg_receive+0x58/0xb0 [ 172.631071][ C1] udpv6_queue_rcv_one_skb+0x8f4/0x17c0 [ 172.631437][ C1] udpv6_queue_rcv_skb+0x134/0x7e0 [ 172.631793][ C1] udp6_unicast_rcv_skb+0xe8/0x270 [ 172.632138][ C1] __udp6_lib_rcv+0x8a4/0x2330 [ 172.632515][ C1] udpv6_rcv+0x1c/0x2c [ 172.633588][ C1] ip6_protocol_deliver_rcu+0x154/0x14f0 [ 172.635185][ C1] ip6_input_finish+0x108/0x220 [ 172.636409][ C1] ip6_input+0xbc/0x2b0 [ 172.637762][ C1] ipv6_rcv+0x39c/0x47c [ 172.639329][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 172.639889][ C1] __netif_receive_skb+0x24/0x184 [ 172.641116][ C1] process_backlog+0x24c/0x6b0 [ 172.641476][ C1] __napi_poll+0x94/0x3a4 [ 172.642807][ C1] net_rx_action+0x78c/0xb60 [ 172.644068][ C1] _stext+0x28c/0x107c [ 172.645170][ C1] ____do_softirq+0x10/0x20 [ 172.645624][ C1] call_on_irq_stack+0x2c/0x54 [ 172.647587][ C1] do_softirq_own_stack+0x1c/0x30 [ 172.649509][ C1] do_softirq.part.0+0xd0/0xf4 [ 172.650784][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 172.651174][ C1] _raw_read_unlock_bh+0x54/0x64 [ 172.651525][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 172.651889][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 172.652287][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 172.652667][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 172.653041][ C1] process_one_work+0x780/0x184c [ 172.653383][ C1] worker_thread+0x3cc/0xc40 [ 172.653757][ C1] kthread+0x23c/0x2a0 [ 172.654089][ C1] ret_from_fork+0x10/0x20 [ 172.655221][ C1] irq event stamp: 397393 [ 172.656862][ C1] hardirqs last enabled at (397392): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 172.659102][ C1] hardirqs last disabled at (397393): [] el1_dbg+0x24/0x80 [ 172.659762][ C1] softirqs last enabled at (397384): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 172.660199][ C1] softirqs last disabled at (397385): [] ____do_softirq+0x10/0x20 [ 172.660641][ C1] ---[ end trace 0000000000000000 ]--- [ 172.739447][ C1] ------------[ cut here ]------------ [ 172.740393][ C1] WARNING: CPU: 1 PID: 94 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 172.740974][ C1] Modules linked in: [ 172.741509][ C1] CPU: 1 PID: 94 Comm: kworker/1:2 Tainted: G W 6.0.0-syzkaller-10712-g27bc50fc9064 #0 [ 172.742062][ C1] Hardware name: linux,dummy-virt (DT) [ 172.742398][ C1] Workqueue: wg-crypt-wg1 wg_packet_decrypt_worker [ 172.744162][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 172.746409][ C1] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 172.746813][ C1] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 172.747272][ C1] sp : ffff800010aa7960 [ 172.747679][ C1] x29: ffff800010aa7960 x28: ffff0000146be000 x27: 0000000000000001 [ 172.748321][ C1] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe000022988f6 [ 172.748916][ C1] x23: ffff0000114c47a8 x22: ffff80000de4cd50 x21: ffff0000101f9c20 [ 172.749471][ C1] x20: ffff0000114c4780 x19: ffff000015b30c40 x18: ffff00006a9eab88 [ 172.750030][ C1] x17: ffff80005cbf4000 x16: ffff800010aa8000 x15: 0000000000008000 [ 172.750601][ C1] x14: 1ffff00002154efa x13: 1fffe000015c0b83 x12: ffff60000203f386 [ 172.751170][ C1] x11: ffff700001bc99aa x10: dfff800000000000 x9 : 0000000000000003 [ 172.751764][ C1] x8 : ffff80000de4c000 x7 : 1fffe00002b661b9 x6 : 0000000000000000 [ 172.752348][ C1] x5 : ffff000015b30dc8 x4 : ffff80000de4cb68 x3 : ffff800009f29754 [ 172.752914][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 172.753471][ C1] Call trace: [ 172.753775][ C1] wg_packet_send_staged_packets+0xe38/0x1380 [ 172.754166][ C1] wg_packet_rx_poll+0xd94/0x1580 [ 172.754510][ C1] __napi_poll+0x94/0x3a4 [ 172.754871][ C1] net_rx_action+0x78c/0xb60 [ 172.755221][ C1] _stext+0x28c/0x107c [ 172.755558][ C1] ____do_softirq+0x10/0x20 [ 172.755895][ C1] call_on_irq_stack+0x2c/0x54 [ 172.756249][ C1] do_softirq_own_stack+0x1c/0x30 [ 172.756649][ C1] do_softirq.part.0+0xd0/0xf4 [ 172.757870][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 172.758235][ C1] _raw_spin_unlock_bh+0x54/0x64 [ 172.758597][ C1] wg_packet_decrypt_worker+0x210/0x3c0 [ 172.758947][ C1] process_one_work+0x780/0x184c [ 172.759294][ C1] worker_thread+0x3cc/0xc40 [ 172.760076][ C1] kthread+0x23c/0x2a0 [ 172.761200][ C1] ret_from_fork+0x10/0x20 [ 172.762648][ C1] irq event stamp: 15643 [ 172.763985][ C1] hardirqs last enabled at (15642): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 172.767500][ C1] hardirqs last disabled at (15643): [] el1_dbg+0x24/0x80 [ 172.768013][ C1] softirqs last enabled at (15618): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 172.768559][ C1] softirqs last disabled at (15619): [] ____do_softirq+0x10/0x20 [ 172.769015][ C1] ---[ end trace 0000000000000000 ]--- executing program 1970/01/01 00:02:53 building call list... [ 174.393746][ T39] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.670884][ T39] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.930673][ T39] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.191075][ T39] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 178.749816][ T39] device hsr_slave_0 left promiscuous mode [ 178.799495][ T39] device hsr_slave_1 left promiscuous mode [ 178.952956][ T39] device veth1_macvtap left promiscuous mode [ 178.955239][ T39] device veth0_macvtap left promiscuous mode [ 178.964580][ T39] device veth1_vlan left promiscuous mode [ 178.974693][ T39] device veth0_vlan left promiscuous mode executing program [ 182.153256][ T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 182.272714][ T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface executing program [ 183.071543][ T39] bond0 (unregistering): Released all slaves executing program executing program executing program executing program [ 196.884611][ T2209] can: request_module (can-proto-0) failed. [ 197.224340][ T2209] can: request_module (can-proto-0) failed. [ 197.488360][ T2209] can: request_module (can-proto-0) failed. executing program executing program VM DIAGNOSIS: 02:23:56 Registers: info registers vcpu 0 PC=ffff800008293368 X00=ffff000011bb9b40 X01=0000000000000000 X02=ffff000011bb9b40 X03=1fffe0000d539789 X04=fffffc000038d620 X05=ffff700002224ca0 X06=dfff800000000000 X07=00000000f1f1f1f1 X08=ffff800011126533 X09=dfff800000000000 X10=ffff700002224ca6 X11=1fffe0000d53c4f8 X12=ffff60000d53c4f9 X13=0000000000000000 X14=1ffff00002224c7c X15=ffff800011126de4 X16=0000000000000000 X17=1ffff00002224dc4 X18=0000000000000000 X19=0000000000000000 X20=1fffff80000550c0 X21=fffffc00002a8640 X22=fffffc00002a8648 X23=ffff000011bba550 X24=0000000000000000 X25=ffff80001092b800 X26=874f29649a9e6c08 X27=1fffff80000550c3 X28=dfff800000000000 X29=ffff800011126260 X30=ffff800008033d78 SP=ffff8000111262f0 PSTATE=100000c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=000063657363616d:007061747663616d Q02=0000000064252e30:322e30322e323731 Q03=ffff000000000000:ff00000000000000 Q04=ffffffff00000000:0000000000000000 Q05=4010000000000000:4000000000000000 Q06=4010040100100000:0000000000000000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=5510000050004000:5510000050004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff800008293d98 X00=0000000000000001 X01=dfff800000000000 X02=ffff80000de4f000 X03=1fffe0000125d6d1 X04=1fffe0000d53d001 X05=0000000000000000 X06=ffff80000c9013a8 X07=ffff0000092eb680 X08=ffff80000de4cd50 X09=ffff80000de4c000 X10=00000000f3000000 X11=dfff800000000000 X12=000000000000f1f1 X13=0000000000000000 X14=0000000000000000 X15=ffff80000f2a42c0 X16=0000000000000003 X17=0000000000000000 X18=0000000034e06038 X19=0000000000000001 X20=0000000000000105 X21=ffff80000e02ca80 X22=0000000000000000 X23=0000000000000001 X24=ffff80000df3ed98 X25=0000000000000000 X26=00000000ffffffff X27=ffff80000c9013a8 X28=ffff0000092eb680 X29=ffff800010aa6b70 X30=ffff80000c8ebc60 SP=ffff800010aa6b70 PSTATE=000003c5 ---- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000